A financial institution is designing its disaster recovery strategy. Management states that after a disruption, customer-facing services must be restored within four hours, and no more than 30 minutes of customer transaction data can be lost. Which of the following BEST describes these requirements? A. RTO = 30 minutes, RPO = 4 hours B. RTO = 4 hours, RPO = 30 minutes C. RTO = 4 hours, RPO = 4 hours D. RTO = 30 minutes, RPO = 30 minutes

An organization is selecting a system that must provide strong assurance that all access control decisions are enforced correctly and cannot be bypassed. The evaluation team is considering systems certified under the Common Criteria (ISO/IEC 15408) framework. Which of the following Common Criteria assurance levels BEST meets this requirement? A. EAL2 – Structurally Tested B. EAL4 – Methodically Designed, Tested, and Reviewed C. EAL5 – Semiformally Designed and Tested D. EAL7 – Formally Verified, Designed, and Tested

An enterprise is moving to a hybrid cloud model and wants to centralize user authentication across on-premises systems and multiple SaaS providers. The solution must support single sign-on (SSO), enforce multi-factor authentication (MFA), and minimize administrative overhead for provisioning and deprovisioning accounts. Which of the following approaches BEST meets these requirements? A. Deploying Kerberos across all environments, including the SaaS providers B. Implementing a Security Assertion Markup Language (SAML)–based federation with an identity provider C. Using RADIUS servers for all authentication requests to centralize credential management D. Requiring each SaaS provider to integrate directly with the corporate LDAP directory

A company’s security team is planning regular vulnerability assessments of its production systems. Management insists that business operations must not be disrupted during these tests. Which of the following approaches BEST meets this requirement? A. Run authenticated vulnerability scans against production systems during business hours. B. Conduct penetration tests against production systems once per quarter. C. Perform vulnerability scans in a staging environment that mirrors production. D. Schedule uncredentialed vulnerability scans of production systems during off-peak hours.

An internal audit for an organization recently identified malicious actions by a user account. Upon further investigation, it was determined the offending user account was used by multiple people at multiple locations simultaneously for various services and applications. What is the BEST method to prevent this problem in the future? A. Ensure the security information and event management (SIEM) is set to alert. B. Inform users only one user should be using the account at a time. C. Ensure each user has their own unique account. D. Allow several users to share a generic account.